...
I think we need to define an oci repository. Currently we have a helm repository.
Definen OCI Repository
Code Block |
---|
---
apiVersion: source.toolkit.fluxcd.io/v1beta2
kind: HelmRepository
metadata:
name: ncyd-oci-virtual
namespace: ncyd-flux
spec:
type: "oci"
interval: 1m0s
url: oci://ncydacrreleases.azurecr.io/charts |
Use it..
Code Block | ||||
---|---|---|---|---|
| ||||
---
# set $patch: delete to exclude from installation
#$patch: delete
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: kowl
namespace: ncyd-flux
spec:
chart:
spec:
version: '22.0.1-4040670'
sourceRef:
kind: HelmRepository
name: ncyd-oci-virtual
verify:
provider: cosign
secretRef:
name: cosign-pub
values:
imagePullSecrets:
- name: regcred
image:
registry: ncydacrinprogress.azurecr.io
|
References
Reference | URL |
---|---|
Cosign Quickstart | https://docs.sigstore.dev/signing/quickstart/ |
Prove the Authenticity of OCI Artifacts | https://fluxcd.io/blog/2022/10/prove-the-authenticity-of-oci-artifacts/ |
Signing and Verifying OCI Artifacts | https://fluxcd.io/flux/cheatsheets/oci-artifacts/#signing-and-verification |